A clean and modern Spring Boot authentication API with email verification, password resets, and JWT-based login — built to integrate easily into any application.
This project is a lightweight authentication service designed to plug into any modern application.
It follows a clean structure, takes advantage of Spring Boot’s latest features, and ships with email-based verification and password recovery built right into the flow.
The API exposes core auth operations in a simple, predictable way.
It also includes username/email availability checks so your frontend can give users instant validation.
POST /api/auth/register
Creates a new user and sends an email verification link.
POST /api/auth/login
Authenticates with email/username + password and returns JWT access + refresh tokens.
GET /api/auth/verify?token=...
Verifies email through a secure token.
POST /api/auth/forgot-password
Sends a password reset link.
POST /api/auth/reset-password
Updates password using a valid reset token.
POST /api/auth/resend-verification
Sends a new verification email for unverified users.
GET /api/auth/check-username?username=...
Returns true/false if the username exists.
GET /api/auth/check-email?email=...
Returns true/false if the email exists.
- Spring Boot (latest version)
- Spring Security
- JWT Authentication
- MongoDB
- Spring Mail (Gmail SMTP)
- Spring Validation
- Lombok
- Email verification workflow
- Password reset flow
- Secure JWT access + refresh tokens
- Clean controller/service/repository architecture
- Validation using
@Valid - Minimal, readable, maintainable code
- Easy to connect with any frontend or mobile app
- Straightforward config via
application.yml
- Update your application.yml with:
- MongoDB connection
- SMTP credentials
- JWT secrets
- Start MongoDB
- Run the Spring Boot application
- Test the API using Postman, Thunder Client, or any API tool